DETAILED ACTION
Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

Claims 1-11 are rejected under 35 U.S.C. 102(b) as being anticipated by Cisco
System "Network Security: An Executive Overview". 

Claim 1 

Cisco System discloses a method for checking network perimeter security, said method 
comprising the steps of: 

reviewing security of a network perimeter architecture (page 4: "Perimeter security 
solutions control access to critical network applications, data, and services so that only 
legitimate users and information can pass through the network"); 
reviewing security of data processing devices that transfer data across the perimeter of 
the network (page 4: Perimeter security: a firewall provides a barrier to traffic crossing a 
network's "perimeter" and permits only authorized traffic to pass, according to a 
predefined security policy"); 

reviewing security of applications that transfer data across said perimeter (page 4: 
Perimeter security: a firewall provides a barrier to traffic crossing a network's "perimeter" 
and permits only authorized traffic to pass, according to a predefined security policy"); 
and

reviewing vulnerability of applications or data processing devices within said perimeter 
from computers or users outside of said perimeter (page 4: "Security monitoring: 
intrusion detection systems and vulnerability scanners provide an additional layer of 
network security. The system uses sensors, which are high-speed network appliances, 
to analyze individual packets to detect suspicious activity. If the data stream in a 
network exhibits unauthorized activity or a network attack, the sensors can detect the 
misuse in real time, forward alarms to an administrator and remove the offender from 
the network"). 

Claim 2 

Cisco System discloses the method as set forth in claim 1 further comprising the step of 
reviewing security of data processing devices within said perimeter that authenticate 
computers or users outside of said perimeter that request to access an application 
within said perimeter (page 3: "Identity: identity is the accurate and positive identification 
of network users, hosts, applications, services and resources. Cisco Secure Access 
Control Server to provide a foundation that authenticates user, determines access 
levels and archives all necessary audit and accounting data"). 

Claim 3 

Cisco System discloses the method as set forth in claim 1 further comprising the step of 
reviewing security of data processing devices that authorize computers or users outside 
of said perimeter that request to access an application within said perimeter (page 3:
"Identity: identity is the accurate and positive identification of network users, hosts, 
applications, services and resources. Cisco Secure Access Control Server to provide a 
foundation that authenticates user, determines access levels and archives all necessary 
audit and accounting data"). 

Claim 4 

Cisco System discloses the method as set forth in claim 1 wherein the step of reviewing 
security of said data processing devices comprises the step of reviewing security of a 
web server, an e-mail server or an FTP server (page 2: Cost of Intrusion: "web server = 
e-commerce web sites; and email systems and using AAA capabilities of the Cisco 
Secure Access Control Server to provide foundation that authenticates users, 
determines access levels and archives all necessary audit and accounting data on page 
4"). 

Claim 5 

Cisco System discloses the method as set forth in claim 1 further comprising the step of 
reviewing security of a server within said perimeter that provides data to said data 
processing devices that transfer data across the perimeter of said network (page 4: 
"using AAA capabilities of the Cisco Secure Access Control Server to provide 
foundation that authenticates users, determines access levels and archives all 
necessary audit and accounting data").

Claim 6

Cisco System discloses the method as set forth in claim 1 wherein each of said reviews 
is performed by comparison to a security policy of an enterprise which owns or controls 
said network (page 3: Designing the security infrastructure: "enterprises should make 
sure to consider their network security implementations as competitive advantages that 
can attract customers, employees, and partners; security architecture integrated into the 
existing enterprise network and on page 4: Cisco Secure Policy Manager supports 
Cisco security elements in enterprise networks, ensuring a comprehensive, consistent 
implementation of security policy"). 

Claim 7 

Cisco System discloses the method as set forth in claim 1 further comprising the step of 
determining said network perimeter (page 4: Perimeter Security: "control 
access/determine access to critical network applications, data and services so that only 
legitimate users and information can pass through the network" and Secure 
Connectivity). 

Claim 8 

Cisco System discloses the method as set forth in claim 7 wherein said network 
perimeter comprises entries and exits from said network (page 4: Perimeter Security: 
"control access to critical network applications, data and services so that only legitimate
users and information can pass (enter and exit) through the network"). 

Claim 9 

Cisco System discloses the method as set forth in claim 1 wherein said network 
perimeter comprises entries and exits from said network (page 4: Perimeter Security: 
"control access to critical network applications, data and services so that only legitimate 
users and information can pass (enter and exit) through the network"). 

Claim 10 

Cisco System discloses the method as set forth in claim 1 wherein the steps of 
reviewing security of a network perimeter architecture (page 4: "Perimeter security 
solutions control access to critical network applications, data, and services so that only 
legitimate users and information can pass through the network"), reviewing security of 
data processing devices that transfer data across the perimeter of the network (page 4: 
Perimeter security: a firewall provides a barrier to traffic crossing a network's "perimeter" 
and permits only authorized traffic to pass, according to a predefined security policy"), 
and reviewing vulnerability of applications or data processing devices within said 
perimeter from entities outside of said perimeter are performed at least in part with a 
respective program tool (page 4: "Security monitoring: intrusion detection systems, and 
vulnerability scanners provide an additional layer of network security. The system uses 
sensors, which are high-speed network appliances, to analyze individual packets to 
detect suspicious activity. If the data stream in a network exhibits unauthorized activity
or a network attack, the sensors can detect the misuse in real time, forward alarms to 
an administrator and remove the offender from the network" and Security Monitor:
"Cisco Scanner is an enterprise-class software and page 5: SAFE blueprint").

Claim 11 

Cisco System discloses the method as set forth in claim 1 wherein the step of reviewing 
security of said data processing devices comprises the step of reviewing security of 
data processing devices accessed by users outside of said perimeter (page 3: "Identity: 
identity is the accurate and positive identification of network users, hosts, applications, 
services and resources. Cisco Secure Access Control Server to provide a foundation 
that authenticates user, determines access levels and archives all necessary audit and 
accounting data"). 

Conclusion 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

Wiegel (US 6,484,261 B1) teaches a method of establishing a representation of
a network security policy and controls a network device that passes or rejects 
information messages.

Kurtz et al. (US 2003/0217039 A1) teaches a system and method that provide
comprehensive and highly automated testing of vulnerabilities to intrusion on a target 
network. 

Currie et al. (US 2005/0160286 A1) teaches security verification of the security
status of online services. 

eSoft (http://www.kfa-inc.com/techtips/securitywhitepaper.pdf) teaches overview 
of network security threats and how they are typically managed and proposes an 
improved, simplified approach that can be achieved through the integration of security 
technologies. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kari L. Schmidt whose telephone number is
571-270-1385. The examiner can normally be reached on Monday - Friday: 7:30am - 5:00pm.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




